code-423n4/2021-09-defiprotocol-findings
Protocol owner fee limit not verified correctly (Factory.sol)
#127
code423n4
opened
2 years ago
1
Settle Time Limit not set correctly (Auction.sol)
#126
code423n4
opened
2 years ago
2
TIMELOC_DURATION not set correctly (Basket.sol)
#125
code423n4
closed
2 years ago
2
Variable assignment has no effect
#124
code423n4
opened
2 years ago
3
Timelocked functions don't emit proposal events
#123
code423n4
opened
2 years ago
2
Timelock period may be less than 24 hours because it depends on `block.number` instead of `block.timestamp`
#122
code423n4
opened
2 years ago
1
lack of checks in `Factory::setBondPercentDiv` allow owner to prevent bonding in Auction::bondForRebalance()
#121
code423n4
opened
2 years ago
2
lack of checks in Factory.setAuctionMultiplier
#120
code423n4
opened
2 years ago
1
Factory.sol - lack of checks in `setAuctionDecrement` will cause reverts in Auction::settleAuction()
#119
code423n4
opened
2 years ago
2
Factory.sol - lack of checks for setMinLicenseFee
#118
code423n4
opened
2 years ago
1
lack of zero address(0) validation in constructor and initialize()
#117
code423n4
closed
2 years ago
2
after sensitive action event should be emitted
#116
code423n4
closed
2 years ago
1
specs not according to the docs
#115
code423n4
opened
2 years ago
1
use of approve() instead of safeApprove()
#114
code423n4
opened
2 years ago
3
lack of Reentrancy guard in burn()
#113
code423n4
closed
2 years ago
2
packing of state variable
#112
code423n4
closed
2 years ago
1
lack of checking of array length
#111
code423n4
opened
2 years ago
1
unchecked return value from transfer()
#110
code423n4
closed
2 years ago
2
Packing storage variables in Auction would save gas
#109
code423n4
opened
2 years ago
1
settleAuction should be external and arguments should use calldata
#108
code423n4
opened
2 years ago
1
Withdrawing bounties after checking balances can lead to the entire basket being drained.
#107
code423n4
closed
2 years ago
2
Cannot handle compliant ERC20 tokens that takes fee on transfer
#106
code423n4
closed
2 years ago
2
Unintentionally causing users to lose their bond
#105
code423n4
closed
2 years ago
2
licenseFee can be greater than BASE
#104
code423n4
opened
2 years ago
1
Unsafe transfer used for bounty rewards
#103
code423n4
closed
2 years ago
2
Validation of weights doesn't check that the sum of the weights add up to 100%
#102
code423n4
closed
2 years ago
2
tokensNeeded can potentially be 0
#101
code423n4
opened
2 years ago
1
Require statements do not have an error message
#100
code423n4
closed
2 years ago
1
Suggestion for incentive alignment
#99
code423n4
opened
2 years ago
1
Misleading variable names
#98
code423n4
opened
2 years ago
1
Use CEI pattern to align w/ best practices
#97
code423n4
opened
2 years ago
1
Unused variable BLOCK_DECREMENT
#96
code423n4
closed
2 years ago
1
Only validateWeights when it is needed
#95
code423n4
opened
2 years ago
1
set lastFee in initialize() function
#94
code423n4
opened
2 years ago
1
Use mapping instead of array to check uniqueness of token.
#93
code423n4
closed
2 years ago
1
Transfer tokens directly to the basket
#92
code423n4
opened
2 years ago
2
Declare tokensNeeded outside of the for loop
#91
code423n4
closed
2 years ago
2
`Auction.sol#settleAuction()` late auction bond could potentially not being able to be settled, cause funds loss to bonder
#90
code423n4
opened
2 years ago
1
`Factory.sol` Lack of two-step procedure and/or input validation routines for critical operations leaves them error-prone
#89
code423n4
opened
2 years ago
1
Lack of event emission after sensitive actions
#88
code423n4
closed
2 years ago
1
Inconsistent use of `safeTransfer`
#87
code423n4
closed
2 years ago
2
Missing Zero-Address Checks
#86
code423n4
opened
2 years ago
1
Redundant Balance Check
#85
code423n4
opened
2 years ago
1
Missing maximum fee amount check
#84
code423n4
closed
2 years ago
2
Lack of zero ratio validation
#83
code423n4
opened
2 years ago
1
`Auction.sol#settleAuction()` addBounty with a fake token could potentially disrupt `settleAuction()`
#82
code423n4
opened
2 years ago
1
User can mint minuscule amount of shares, later withdraw minuscule more than deposited
#81
code423n4
opened
2 years ago
1
`Auction.sol#bondTimestamp` Misleading name
#80
code423n4
opened
2 years ago
1
`Basket.sol#handleFees()` could potentially cause disruption of minting and burning
#79
code423n4
opened
2 years ago
1
Basket.sol#handleFees() check if timeDiff > 0 can save gas
#78
code423n4
closed
2 years ago
1